Patch notes — Per-device sessions & mobile SSO
Field workers stay signed in for up to two weeks, push notifications stop dropping, and the mobile app gains one-tap SSO sign-in.
A small but high-impact release for everyone using the field app on a phone.
Stay signed in (per-device session lengths)
Sessions used to expire at a fixed 12 hours from login, no matter how active you were — so a worker who signed in at the start of a shift would get bounced mid-afternoon. Sessions are now rolling: any activity slides the expiry forward, and the timeout is tuned to the device:
- Mobile field app — 14 days. It’s your own phone; sign in once and stay in.
- Desktop / admin — 8 hours. Deliberately short, since admin often runs in shared or public browsers.
Idle sessions still expire on the same schedule, so nothing is left open indefinitely.
Push notifications stop dropping
The frequent mobile logouts had a side effect: they quietly broke push notifications, because the app could only refresh its push subscription while signed in. With sessions that survive normal daily use, the subscription stays warm and assignment and alert notifications keep arriving.
One-tap SSO on the mobile login
The field app’s sign-in screen now shows a “Sign in with PocketID” button when single sign-on is enabled for your workspace — the same SSO you already had on desktop, now on mobile, and it grants the full 14-day mobile session.
Under the hood: rolling sessions carry a per-device scope, the session cookie’s lifetime slides in lockstep with the server-side expiry, and both the password and SSO login paths pick the right timeout. No action needed — existing sessions adopt the new behaviour on next sign-in.